Subscribe via feed.
Posts under exploit

Zero Day In Google Chrome Patched: Bug Exploited In The Wild

Posted by deepcore under exploit (No Respond)

AspEmail 5.6.0.2 Weak Permissions / Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

AspEmail version 5.6.0.2 suffers from weak permission vulnerability that allows for local privilege escalation.

Microsoft Word Remote Code Execution

Posted by deepcore under exploit (No Respond)

Microsoft Word appears to suffer from a remote code execution vulnerability when a user load a malicious file that reaches out to an attacker-controller server to get a hostile payload.

Microsoft Word Remote Code Execution

Posted by deepcore under exploit (No Respond)

Microsoft Word appears to suffer from a remote code execution vulnerability when a user load a malicious file that reaches out to an attacker-controller server to get a hostile payload.

Microsoft Windows Kernel Transactional Registry Key Rename Issues

Posted by deepcore under exploit (No Respond)

The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename.

Microsoft Windows Kernel New Registry Key name Insufficient Validation

Posted by deepcore under exploit (No Respond)

The Microsoft Windows Kernel has insufficient validation of new registry key names in transacted NtRenameKey.

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation

Posted by deepcore under exploit (No Respond)

File Replication Pro version 7.5.0 suffers from having insecure directory permissions that can allow a local attacker the ability to escalate privileges.

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation

Posted by deepcore under exploit (No Respond)

File Replication Pro version 7.5.0 suffers from having insecure directory permissions that can allow a local attacker the ability to escalate privileges.

InnovaStudio WYSIWYG Editor Asset Manager 5.4 Shell Upload

Posted by deepcore under exploit (No Respond)

InnovaStudio WYSIWYG Editor Asset Manager versions 5.4 and below suffer from a remote shell upload vulnerability.

WordPress Limit Login Attempts 1.7.1 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

WordPress Limit Login Attempts plugin versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.